[ ] Tests for the changes have been added (for bug fixes / features) - N/A
[ ] Docs have been added / updated (for bug fixes / features) - N/A
PR Type
[ ] Bugfix
[ ] Feature
[ ] Code style update (formatting, local variables)
[ ] Refactoring (no functional changes, no api changes)
[ ] New tests
[x] Build/CI related changes
[ ] Documentation content changes
[ ] Other (please describe)
What is the current behavior?
Default restrictive token is applied.
What is the new behavior?
permissions: {}
Give the token no additional permissions (the empty set includes metadata: read which is always given).
content: read should not be needed even for checkout since it is a public repository.
PR summary
Explicit include of only necessary permissions for actions token.
Fixes: part of s1014
Note: An existing issue is required before opening a PR.
PR Checklist
Please make sure that your PR fulfills the following requirements:
PR Type
What is the current behavior?
Default restrictive token is applied.
What is the new behavior?
permissions: {}Give the token no additional permissions (the empty set includesmetadata: readwhich is always given).content: readshould not be needed even for checkout since it is a public repository.Does this PR introduce a breaking change?
Other information